Changelog base-components

2022.7.3 (2022-09-23)

Fixed

• [workflow][VEGA-249] Fixed TimerHandlerBean passing a UserContext where userName is null
• [workflow][VEGA-233] Adding better error handling in EngineStarterBean and EngineHealthBean postConstruct methods
• Fixed NullPointerException in preDestroy method of EngineHealthBean

2022.7.2 (2022-08-09)

Changed

• Refactored UserAuthenticationBean to not use Vector.

Removed

• Cleaned up deprecated code:
  • Removed net.democritus.usr.ProfileUserContext
  • Removed net.democritus.sys.ObjectValueAgent
  • Removed net.democritus.web.acting.EngineControllerAction
  • Removed net.democritus.web.acting.EngineDetailerAction

2022.7.1 (2022-06-16)

Fixed

• Check whether OIDC logout URL is provided, as this only applied to OpenID Connect implementations that provide session management capabilities.

2022.7.0 (2022-06-09)

Added

• Added context to user session next to userContext
• [NSX-220] Add support for OIDC logout

Changed

• [NSX-217] Add more OIDC error logging
• Fix some OIDC sonarqube bugs
• [FLOW-40] Optimize database query to update engineService.lastRunAt

Fixed

• [FLOW-16] Fix multiple cached instances

2022.6.0 (2022-05-30)

Changed

• Updated 3rd party dependencies in expanders project (not in expanded code):
  • Maven plugins:
    • org.apache.maven.plugins:maven-jar-plugin: 3.2.0 -> 3.2.2
    • org.apache.maven.plugins:flatten-maven-plugin: 1.2.1 -> 1.2.7
• Updated NSX Maven plugin in expanders project (not in expanded code):
  • net.democritus.maven.plugins:expanders-maven-plugin: 2021.5.13 -> 2022.1.6
• Updated expander dependencies (minimum version) to address security vulnerabilities:
  • net.democritus:Expanders: 5.2.4 -> 5.9.3
  • net.democritus.metamodel:prime-core: 2021.5.12 -> 2022.5.6
• Updated model files to format supported by prime-core version 2022.5.6.

2022.5.2 (2022-05-19)

Fixed

• Fix NPE in TimeWindowValidator
• Fix StateTaskDetailsWithoutRefs -> StateTaskDetails

2022.5.1 (2022-05-16)

• re-release 2022.5.0

2022.5.0 (2022-05-16)

Changed

• Optimize getParamTargetValue() with skipCount
• Add error logging on workflow related tasks
• [FLOW-16] Cache workflow runtime configuration to reduce database queries
• [FLOW-16] Use detailsWithoutRefs projection in workflow orchestration to reduce database queries
• [FLOW-16] Update EngineNodeService with projection to reduce database queries
• [FLOW-13] Add ‘refresh’ button to engineService table to force a timer reset if settings are changed
• [FLOW-26] Ignore collector from EngineService

• Fixed

• [FLOW-13] Fixed automatic timer reset on timeout when settings are changed
• [FLOW-36] Fix incorrect timewindow validation in last minute of window

Changed

• [FLOW-22] Add support for task timeout in ExecutorServiceTaskProcessor

2022.4.1 (2022-04-14)

Fixed

• Fixed naming conflict in harvest code
• Fixed missing imports

2022.4.0 (2022-04-14)

Added

• Added workflow/workflow-recover-json endpoint to start recovering instances, mainly used for tests. Provide the workflow reference as a parameter, e.g. workflow/workflow-recover-json?workflow.name=MessageProcessorFlow

2022.3.0 (2022-02-18)

Added

• Added run now button to engineService table

2022.2.1 (2022-02-16)

Fixed

• [NSX-213] Verify that email is present in OIDC token as this is a required field.

Added

• [NSX-218] Added support to the OIDC authentication for UserGroups.

Changed

• Performance optimizations in OIDC flow.

2022.2.0 (2022-02-07)

Removed

• [VEGA-173] Removed start/stop engine buttons from workflow page, since they are automatically managed by the EngineStarterBean

Fixed

• OIDC implementation failed on non-standard ports on a reverse proxy in front of the application.
• Added synchronization to EngineNodeContextRetriever#getEngineNode() to prevent the EngineNode from being created multiple times

2021.6.1 (2021-12-13)

Fixed

• Fixed DataAccessFinderBean not using ENTITY_NAME in a custom finder harvest

Removed

• Removed obsolete ProfileFindByUserGroups_ProfileEqDetails originally used by a long removed UserGroupScreenInfoRetrieverAction

2021.6.0 (2021-12-06)

Removed

• Removed obsolete cocoon addScreen() and getScreenVector() harvests for Profile and ScreenProfile elements
  • This is likely to break existing overlays/copy-pastes of LoginUserSessionHelper, please sync your code
• Removed obsolete cocoon ScreenInfoRetrieverAction behavior (it is a no-op now)

2021.5.0 (2021-12-06)

Added

• Added delete stub for custom asset types to implementation class.

2021.4.4 (2021-10-28)

Fixed

• OpenID Connect pipeline did not always terminate in the authentication process.

2021.4.3 (2021-10-21)

Added

• Support for OIDC access tokens, to support OIDC for APIs.

2021.4.2 (2021-10-20)

Fixed

• Default value for defaultLoginTimeout with OpenID Connect was not set if the property was not present (and empty) in the configuration.

2021.4.1 (2021-10-20)

Fixed

• User profile and account should only update if externally managed through OpenID Connect provider.

2021.4.0 (2021-10-20)

Added

• Option baseComponents.isAccount on the account component to match the component in its expanders.
• Generic support for OpenID Connect authentication from any provider with the ApplicationInstance option baseComponents.authentication.enableOIDC.

Changed

• AccountApplicationSettings now combines the settings of all account.ns.properties files found in the classpath. This allows some settings to be specified inside the application and some outside of it.
• Moved AccountApplicationSettings as expander to net.democritus:Expanders.

Removed

• Removed support for the proprietary Google authentication implementation for OpenID Connect and the related baseComponents.authentication.enableGoogleAuth option.
• Removed includeBouncyCastle option on utils component.

2021.3.1 (2021-09-21)

Fixed

• Fixed some files containing non-ASCII characters

2021.3.0 (2021-07-16)

Fixed

• Translation for DataAccess.authorized field.

Added

• [NSX-163] Added support methods to validate listFields in TagValuePairAgent
• Added support for component name in DataAccess element. It should be inserted in the element field as componentName_dataElementName. Just defining the name of the element is still supported, but discouraged.
• Added wildcard right for DataAccess as all, which can be used to deny all rights for an element when the default is allowing all rights, or to allow all rights for an element when the default is denying all rights.
• Added simple wildcard support for components and elements in the DataAccess element where the element can be * to cover all elements in every component, or componentName_* to cover every element in a component.
• Added net.democritus.acl.ConfigurableDataAuthorizationImpl and net.democritus.acl.ConfigurableTaskAuthorizationImpl classes as an alternative default implementation for the authorization tasks. They default to deny all (or whitelisting), which requires you to define all rights (made easier by the wildcard support). It can be configured to use allow all (or blacklisting) by default if the ParamTargetValue with name defaultAccessRights is set to allowAll.

Changed

• DataAccessRights and TaskAccessRights can now take an instance of AccessRightStrategy, which determines the default authorization for access rights, as well as how access rights are combined.

Removed

• Removed junit:junit dependency in assets-shared, which is already added by the expanders.
• Removed net.democritus:nsx-logging dependency in assets-shared, which is already inherited from net.democritus:nsx-shared-common.
• Removed unused org.json:json dependency in account-logic.

2021.2.1 (2021-06-08)

Fixed

• Fixed issue where AccessInfoInterceptor would reject saveDetails actions when the user has modify rights, but not create rights.
• Fixed ParamTargetValueBean#setParamTargetValue not updating existing values
• Fixed ExecutorServiceTaskProcessor getting stuck when completionService.submit() throws an exception (e.g. when the executorService queue is too small)

2021.2.0 (2021-05-07)

Added

• Added ExecutorServiceTaskProcessor, which uses an ExecutorService to perform tasks

2021.1.0 (2021-03-10)

Added

• Added base-components-model:jar:model-components classifier containing only pure NS model (without harvest/etc.)

2021.0.1 (2021-01-18)

Fixed

• EngineNodeUpdater now automatically removes EngineNodes with duplicate names during startup.

2021.0.0 (2021-01-14)

Fixed

• Updated custom code in base-components to use most recent finders

2020.12.2 (2020-12-04)

Fixed

• ParamTargetValueAgent.setParamTargetValue() now correctly sets the param field instead of the name to the given paramName.

2020.12.1 (2020-11-24)

Fixed

• Fixed EmbeddedAssetUpload feature to work with change in expanders 4.11.1

2020.12.0 (2020-11-24)

Added

• Added PTV support to configure a default user timeout value for accounts with Google authentication.

2020.11.3 (2020-11-10)

Fixed

• Fixed issue with Register external asset button on Assets page.
• Reverted implementation of LoginValidatorAction to proxy the login call though the Authentication element’s task, instead of calling the authentication pipeline in User directly.
• Removed transaction from run-workflow methods

2020.11.2 (2020-10-23)

Fixed

• Fixed an issue in the TimerHandlerBean where the timer would get stuck if the database failed when trying to retrieve the details projection of the EngineService.

2020.11.1 (2020-10-09)

Updated

• Updated nsx-parent 2020.5 -> 2020.9.1

2020.11.0 (2020-09-24)

Added

• A workflow can now be triggered with a POST request to /workflow/workflow-run-json.
  • to run it based on an engineService; You must define a dataRef engineService. E.g. http://localhost:9400/messageApp/workflow/workflow-run-json?engineService.name=MessageImportEngineService
  • to run it with a set of targetInstance; You must define a dataRef workflow and an array of dataRefs targetInstances. E.g. http://localhost:9400/messageApp/workflow/workflow-run-json with body:

    {
        "workflow": {
            "name": "MessageImportService"
        },
        "targetInstances": [
            {
                "id": 351
            }
        ]
    }
    

• In addition, the WorkflowAgent has new methods runWorkflowWithEngineService(DataRef engineService) and runWorkflowWithTargets(DataRef workflow, List<DataRef> targetInstances) that will trigger a workflow.

2020.10.0 (2020-07-16)

Added

• [account] Added support for Google authentication. This is enabled by adding the ApplicationInstance option baseComponents.authentication.enableGoogleAuth. The value of this option should be the client ID that can be obtained from the Google API console. For more information refer to https://developers.google.com/identity/one-tap/web/guides/get-google-api-clientid.
• [account] Added an ApplicationInstance option to disable the internal password authentication baseComponents.authentication.disableInternalAuth. This will not remove the mechanism to authenticate, but rather remove the login form from the UI and disable login in the struts action that processes the login.
• [account] Added a new expanded authentication pipeline in the User element. This pipeline passes through the entire stack and ends up in its own new UserAuthenticationBean in the logic layer. This new bean class can be used to add additional authentication methods through expander features. Similar to finders and other pipelines, the type of the POJO sent through the pipeline determines the implication called.

Changed

• [account] The internal password authentication implementation has moved to the new UserAuthenticationBean. The previous authentication system using the authentication TaskElement is still present and behaves the same as previously, but now serves as a proxy to the authentication pipeline.

2020.9.1 (2020-07-09)

• Fixed issue in TimerHandlerBean that would set busy flag to false after any timer tick

2020.9.0 (2020-05-29)

• Updated dependencies

2020.8.0 (2020-05-26)

Added

• Support for external asset types defined in other components. These are represented by DataElements marked with the assets.implementsCustomAsset option. The value of this option is used as the name of the new asset type, or the name of the DataElement is used if no value is given in the option. An implementation stub is generated in the logic layer for the DataElement, where an AssetStream has to be provided upon retrieval or persisted when uploading.
• Struts actions now enforce their specific http methods (same as if globalOptionSettings.enforceHttpMethod was always enabled)

2020.7.0 (2020-05-07)

Added

• Added submodule base-components-model providing just the model resource without expanders

Changed

• Renamed standard dependency from baseComponents to base-components

Removed

• Removed cocoon ext code

2020.6.1 (2020-04-24)

Fixed

• Store result of EngineNode name to prevent the name changing due to a changing hostname
• Fix customizations for option jpa.entity.name.format

2020.6.0 (2020-04-10)

Fixed

• Wrong class was used to check for TaskParameterContext constructors, resulting in context not being passed through as intended.

2020.5.0 (2020-03-19)

Fixed

• AccessInfoRetrieverAction is now compatible with both struts 2.3 and 2.5

2020.4.0 (2020-03-06)

Added

• Build baseComponents as expansion resource

2020.3.0 (2020-02-27)

Fixed

• Fix issues with threading and create engineNodeService if missing

2020.2.0 (2020-02-07)

Changed

• Updated AccessInfoRetrieveAction for struts 2.5

Removed

• dependency jar files are no longer packaged

2020.1.0 (2020-01-22)

Added

• WorkflowParameterContextFactory and StateTaskParameterContextFactory now pass the context through to parameterContext. The factories first check if the correct constructor is present, in case the application is expanded with an earlier expander version and thus a nsx-runtime version < 2019.7.1
• Modified the label of workflow::Workflow::className to ‘Flow element name’ to better represent how the actual value is used.
• Added clearer error message if workflow::Workflow::className is not correctly defined